Skip to content

Instantly share code, notes, and snippets.

View sandipchitale's full-sized avatar

SANDIP CHITALE sandipchitale

18 followers · 5 following
View GitHub Profile
@sandipchitale
sandipchitale / WebclientPassthruApplication.java
Last active August 21, 2023 06:42
Webclient passthru #webflux #webclient #springboot
package sandipchitale.webclient;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatusCode;
import org.springframework.http.ResponseEntity;
import org.springframework.http.client.reactive.ClientHttpRequest;
import org.springframework.http.server.reactive.ServerHttpRequest;
import org.springframework.web.bind.annotation.*;
@sandipchitale
sandipchitale / body.java
Last active August 19, 2023 21:23
WebClient body #webclient
body(BodyInserters.fromResource(new InputStreamResource(inputStream)))
@sandipchitale
sandipchitale / websecuritycustomizerbean.java
Last active August 16, 2023 07:16
Ignore resource #spring-security
@Bean
public WebSecurityCustomizer webSecurityCustomizer() {
return (web) -> web.ignoring()
.requestMatchers(
// To avoid wrapping in MvcMatcher make sure to use AntPathRequestMatcher
AntPathRequestMatcher.antMatcher("/index.html"),
AntPathRequestMatcher.antMatcher("/**/*.css")
);
}
@sandipchitale
sandipchitale / as.java
Last active August 15, 2023 06:20
OAuth2 AS use shared secret key encoded JWT #springboot-oauth2-as-jwt
@Bean
@Order(Ordered.HIGHEST_PRECEDENCE)
public SecurityFilterChain authorizationServerSecurityFilterChain(HttpSecurity httpSecurity,
OAuth2TokenGenerator<?> tokenGenerator,
RegisteredClientRepository registeredClientRepository) throws Exception {
OAuth2AuthorizationServerConfiguration.applyDefaultSecurity(httpSecurity);
OAuth2AuthorizationServerConfigurer oAuth2AuthorizationServerConfigurer =
httpSecurity.getConfigurer(OAuth2AuthorizationServerConfigurer.class);
oAuth2AuthorizationServerConfigurer.registeredClientRepository(registeredClientRepository);
@sandipchitale
sandipchitale / DPEPP.java
Last active August 13, 2023 02:40
Dynamicall add a property source to inject additional property based on another property #springboot
@Order(Ordered.LOWEST_PRECEDENCE)
public static class OAuth2ClientPropertiesSchemeAdjusterEnvironmentPostProcessor implements EnvironmentPostProcessor {
@Override
public void postProcessEnvironment(ConfigurableEnvironment environment, SpringApplication application) {
String asScheme = "http";
if ("true".equals(environment.getProperty("server.ssl.enabled"))) {
asScheme = "https";
}
@sandipchitale
sandipchitale / CPBPP.java
Last active August 13, 2023 02:37
Sample BeanProcessor to modify a configuration property bean #springboot
@Component
public class OAuth2ClientPropertiesSchemeAdjusterBeanPostProcessor implements BeanPostProcessor, EnvironmentAware {
private Environment environment;
@Override
public Object postProcessAfterInitialization(Object bean, String beanName) throws BeansException {
if (bean instanceof OAuth2ClientProperties oAuth2ClientProperties) {
String tokenUri = oAuth2ClientProperties.getProvider().get("as").getTokenUri();
if ("true".equals(environment.getProperty("server.ssl.enabled"))) {
@sandipchitale
sandipchitale / SharedSecret.java
Last active August 10, 2023 06:00
Shared Secret Key #spring-authorization-server
private static String secret = UUID.randomUUID().toString();
private static SecretKey key = new SecretKeySpec(secret.getBytes(), "HmacSHA256");
private static JWKSource<SecurityContext> immutableSecret = new ImmutableSecret<SecurityContext>(key);
@Bean
public OAuth2TokenCustomizer<JwtEncodingContext> jwtCustomizer() {
return context -> {
JwsHeader.Builder headers = context.getJwsHeader();
if (context.getTokenType().equals(OAuth2TokenType.ACCESS_TOKEN) || context.getTokenType().equals(OAuth2TokenType.REFRESH_TOKEN)) {
// We are using HS256 with shared secret key
@sandipchitale
sandipchitale / README.md
Last active August 7, 2023 06:19
Springboot Notes #springboot

Springboot notes

OAuth2ClientAuthenticationFilter:

OAuth2ClientAuthenticationToken -> ClientSecretAuthenticationProvider -> OAuth2ClientAuthenticationToken

OAuth2TokenEndpointFilter:
OAuth2ClientCredentialsAuthenticationToken -> OAuth2ClientCredentialsAuthenticationProvider -> OAuth2AccessTokenAuthenticationToken
@sandipchitale
sandipchitale / BaseController.java
Last active August 6, 2023 00:26
Base Controller #springboot
import jakarta.servlet.ServletContext;
import jakarta.servlet.http.HttpServletRequest;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.env.Environment;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
@sandipchitale
sandipchitale / WarOrNotWar.java
Created August 4, 2023 02:53
Running as War or Standalone Springboot App #springboot #war #notwar
@Bean
@ConditionalOnWebApplication
@ConditionalOnNotWarDeployment()
public CommandLineRunner clrNotInWar() {
return (args) -> {
System.out.println("Not running as war!");
};
}
static class OnWarDeployment extends NoneNestedConditions {